46 lines
1.1 KiB
Nix
46 lines
1.1 KiB
Nix
{ lib, stdenv, cmake, fetchFromGitHub }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "wasm3";
|
|
version = "0.5.0";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "wasm3";
|
|
repo = "wasm3";
|
|
rev = "v${version}";
|
|
sha256 = "07zzmk776j8ydyxhrnnjiscbhhmz182a62r6aix6kfk5kq2cwia2";
|
|
};
|
|
|
|
nativeBuildInputs = [ cmake ];
|
|
|
|
cmakeFlags = [
|
|
"-DBUILD_WASI=simple"
|
|
];
|
|
|
|
installPhase = ''
|
|
runHook preInstall
|
|
install -Dm755 wasm3 -t $out/bin
|
|
runHook postInstall
|
|
'';
|
|
|
|
meta = with lib; {
|
|
homepage = "https://github.com/wasm3/wasm3";
|
|
description = "The fastest WebAssembly interpreter, and the most universal runtime.";
|
|
platforms = platforms.all;
|
|
maintainers = with maintainers; [ malbarbo ];
|
|
license = licenses.mit;
|
|
knownVulnerabilities = [
|
|
# wasm3 expects all wasm code to be pre-validated, any users
|
|
# should be aware that running unvalidated wasm will potentially
|
|
# lead to RCE until upstream have added a builtin validator
|
|
"CVE-2022-39974"
|
|
"CVE-2022-34529"
|
|
"CVE-2022-28990"
|
|
"CVE-2022-28966"
|
|
"CVE-2021-45947"
|
|
"CVE-2021-45946"
|
|
"CVE-2021-45929"
|
|
"CVE-2021-38592"
|
|
];
|
|
};
|
|
}
|